User Experience: in Forgot Password Use Case Reset Password even if account Does not Exist – Disqus
Imagine you are building a web application and you are tasked to create a flow for the Forgot Password Use Case. What would your ideal use case be ?
- User clicks on Forgot Password link
- User enters his email ID
- System verifies the an account exists with email id.
- User hits Reset password button.
- System confirms password reset instructions were sent to the email.
An Alternate Use Case would be that:
- User clicks Forgot Password link
- User enters his email ID
- System verifies the an account exists with email id.
- Email Does not exist
- User is informed that an account does not exist.
However, Disqus actually sends the password reset instructions to a non-existing account, for ? Just because this is an Opportunity for Disqus to have yet another user.
Password Reset Use Case for Disqus:
- User clicks Forgot Password link
- User enters his email ID
- System verifies the an account exists with email id.
- Email Does not exist
- System sends password reset instructions and
- User is informed about succesul password reset attempt.
Just recently, i had to reset my password for Disqus account, i did not remember the email id i used for my Disqus account what i did remember is that i have an account with Disqus, so…. I tried to reset the password and voila, Disqus sent me a password reset email. Then in my inbox, i saw that i had earlier email from Disqus which had reference for original email linked to Disqus.
So effectively Disqus knew that i do not have an account with X email ID but proceeded further and sent me an email with instructions on how i can reset the password, the email did not mention that i do not have an account there at disqus.
Rather, it allowed me to go to Disqus Dashboard and setup a new password, amazing….
The only visible hint in the interface i had was that i was asked to verify the email id. During this whole story, Disqus did not say a negative word about non-existing account, but quietly guided me through and in the hindsight creating an account.
I assume Disqus follows this because when someone tries to reset password at Disqus their intent is definitely to be with Disqus. But really a smart strategy indeed.
On reset password, don’t tell the user you don’t have an account, but tell them that you have sent the instructions.
Having the best copy
Communicating with the user is important, and when you can not talk to your users. Your website does, the tonality and the wordings used in your site indicate, how rude you are, how friendly you are or How indifferent you are to your users.
When i reset my password for Disqus, i was given this short and friendly System Alerts – Success Message., and the language actually says it all.
OK. We’ve sent you an email describing how to reset your password.
Not sure if this is how it should be, but strangely it is…
Leave a Reply